Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2 matches found

CVE
CVEadded 2012/05/21 8:0 p.m.56 views

CVE-2012-2339

The CVE-2012-2339 entry concerns Drupal’s contributed Glossary module (versions 6.x-1.x prior to 6.x-1.8). Root cause: insufficient sanitization of taxonomy information in the glossary indicator feature, enabling Cross-Site Scripting (XSS) via unspecified vectors. Impact is XSS vulnerability for ...

4.3CVSS5.8AI score0.01647EPSS
Exploits0References10Affected Software2
Drupal
Drupaladded 2012/05/09 12:0 a.m.29 views

SA-CONTRIB-2012-073 - Glossary - Cross-Site Scripting (XSS)

CVE: CVE-2012-2339 The glossary module scans posts for glossary terms, adding an indicator. By hovering over the indicator, users may learn the definition of that term. The module does not sufficiently sanitize the taxonomy information. This leaves sites vulnerable to Cross-Site Scripting attacks...

4.3CVSS5.8AI score0.01647EPSS
Exploits0References11
Rows per page
Query Builder